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DETAILED ACTION 



Claim Rejections - 35 USC § 102 



1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

2. Claims 1-44 are rejected under 35 U.S.C. 102(e) as being anticipated by Rump et 
al.(6735311). 

3. As per claim 1, Rump et al. discloses identifying a pluraUty of modules in a software 
program, wherein each module includes a plurality of blocks (see col. 2, lines 1-26), because 
Rump discloses multimedia data(i.e. software) which area(i.e. module) assigned specific 
definition data blocks(see col. 7, lines 22-25); the multimedia(soflware) is subdivided into 
separate data blocks(see col. 7, Hnes 22-36); and wherein the plurality of modules includes 
checker modules(i.e. checksum), each data block contains a checksum, because Rump discloses 
that the checksum of the definition data block is itself ciphered, an no unauthorized person will 
be able to recreate the data block(see col. 8, lines 48-51, see fig. 1, sheet 1); for each of the 
plurality of modules, generating an original checkpoint value, and incorporating the original 
checkpoint value into a checker module(is the data block that contains the checksum value)(col. 
6, lines 38-60); and for each checker modules, generating a new checkpoint value after the 
original checkpoint value has been incorporated into the checker module(see col. 8, lines 25-37), 
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and determining a new block to add to the checker module to offset the incorporated original 
checkpoint value such that subsequent generation of a checkpoint value for the checker module 
equals the original checkpoint value for the checker module(see col. 6, lines 61-67, col. 8, lines 
25-61), Rump discloses this because Rump discloses a free index field that is added to a checker 
module. The free index field of Rump provides an assignment to the data block to the 
ciphered(checksum) multimedia data(see col. 8, lines 38-61). When deciphering the multimedia 
data a check is made to see whether the checksum calculated from the data agrees with the 
subentry user data. This user data contains the free index filed of Rxmip(see col. 8, lines 38-43, 
54-61). 

4. As per claim 2, Rump discloses incorporating the original checkpoint value into multiple 
checker modules(see col. 7, lines 18-35). 

5. As per claim 3, Rump discloses computing, based on the plurality of blocks of a module, 
a message authentication code(MAC) value to be used as the checkpoint value for the 
module(see col. 8, lines 46-61). 

6. As per claim 4, Rump discloses inputting each of the plurality of blocks of the module 
into an exclusive-or operation on each block and an encrypted version of the previous output of 
the exclusive-or operator(see col. 6, lines 26-37); and using, as the message authentication code 
value, the output value from the exclusive-or operator obtained from inputting the last of the 
plurality of blocks into the exclusive-or operator(see col. 8, lines 25-37). 

7. As per claim 5, Rump discloses wherein the determining a new block, encrypting the new 
checkpoint value(see col. 2, lines 27-45); and determining, as the content of the new block, a 
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value equal to the exclusive-or of the encrypted new checkpoint value and the original checksum 
value(see col. 2, lines 46-67). 

8. As per claim 6, Rump discloses v^herein the new block does not alter the functionality of 
the module(see col. 3, liens 5-25). 

9. As per claim 7, Rump discloses wherein the new block includes a data block(see col. 5, 
lines 16-25). 

10. As per claim 8, Rump discloses wherein the plurality of instructions, when executed, 
further cases the one or more processors to perform acts including adding, prior to generating the 
new checkpoint value(see col. 6, lines 38-60), additional instructions to the module as part of one 
or more additional blocks, the additional instructions causing the addition of the new block to not 
alter the functionality of the module(see col. 10, lines 57-67). 

11. As per claim 9, Rump discloses wherein the software program includes a plurality of 
checkpoints corresponding to the incorporated checkpoint values(see col. 6, lines 38-60), 
wherein each checkpoint identifies when the integrity of the corresponding module is to be 
verified(see col. 10, lines 57-67). 

12. As per claims 10, 14, Rump discloses identifying a plurality of segments in an object; and 
applying cychc integrity verification to the object based on the plurality of segments(see col. 6, 
lines 38-60). 

13. As per claim 1 1 , Rump discloses wherein the cyclic integrity verification is applied to the 
plurality of segments by: for each of the plurality of segments, generating an original checkpoint 
value, and incorporating the original checkpoint value into a checker segment(see col. 6, lines 
38-60, col. 10, lines 57-67); and for each of the checker segments, generating a new checkpoint 
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value after the original checkpoint value has been incorporated into the checker segment(see col. 
6, lines 61-67, col. 8, lines 25-37), determining an additional block to be added to the checker 
segment to offset the incorporated original checkpoint value such that subsequent generation of a 
checkpoint value for the checker segment equals the original checkpoint value for the checker 
segment(col. 8, lines 25-37). 

14. As per claim 12, Rump discloses wherein the cyclic integrity verification is appUed to 
verify the shape of the plurality of segments(see col. 6, lines 38-60). 

15. As per claim 13, Rump discloses wherein the cyclic integrity verification is appUed to 
verify the behavior of the plurality of segments(see col. 10, lines 57-67). 

1 6. As per claims 1 5, 24, Rump discloses identifying a plurality of segments in an object; 
generating a checkpoint value for each of the plurality of segments(see col. 6, lines 38-60); 
storing the checkpoint value for each of the plurality of segments in another of the plurality of 
segments(see col. 2, lines 3-26); and modifying each of the plurality of segments so that the 
addition of the checkpoint value to the segment is offset and the checkpoint value for the 
segment remains the same(see col. 2, lines 27-66). 

17. As per claim 16, Rump discloses wherein the storing the checkpoint value into multiple 
other segments of the plurality of segments(see col. 3, lines 5-25). 

18. As per claim 17, Rump discloses computing, based on a plurality of blocks of a segment, 
a message authentication code(MAC) value to be used as the checkpoint value for the 
segment(see col. 8, lines 46-61); and determining a new block to add to the segment to offset the 
stored checkpoint value such that subsequent generation of a checkpoint value for the segment 
equals the previously generated message authentication code value(col. 8, lines 25-37). 
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19. As per claim 18, Rump discloses inputting each of the plurality of blocks of the segment 
into an exclusive-or operator that generates an output value by performing an exclusive-or 
operation on each block(see col. 6, lines 26-37) and encrypted version of the previous output of 
the exclusive-or operator; and using, as the message authentication code value(see col. 4, lines 
62-67), the output value from the exclusive-or operator obtained from inputting the last of the 
plurality of blocks into the exclusive-or operator(see col. 9, lines 32-59). 

19. As per claim 19, Rump discloses generating a new checkpoint value based on the 
plurality of blocks and including the stored checkpoint value(see col. 6, lines 38-60); encrypting 
the new checkpoint value; and determining, as the content of the new block, a value equal to the 
exclusive-or of the encrypted new checkpoint value and the original checksum value(see col. 2, 
lines 27-66). 

20. As per claim 20, Rump discloses wherein the modifying does not alter the functionality 
of the segment(see col. 8, lines 4-15). 

21 . As per claim 21, Rump discloses wherein the modifying includes adding a new data 
block(see col. 5, lines 16-25). 

22. As per claim 22, Rump discloses wherein the object includes a software program(see col. 
3, lines 25-36, col. 4, lines 19-25). 

23. As per claim 23, Rump discloses storing a checkpoint corresponding to each checkpoint 
value, each checkpoint identifying when the integrity of the corresponding segment is to be 
verified (see col. 10, lines 57-67). 

24. As per claims 25, 37, Rump discloses generating a verification value for a first segment 
of an object(see col. 6, Unes 38-60); generating an original verification value for a second 
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segment of the object; adding, to the second segment, the verification value for the first segment 
and adding an offset value to the second segment so that a newly calculated verification value for 
the second segment equals the original verification value(see col. 8, lines 46-61, col. 10, lines 19- 



25. As per claim 26, Rump discloses wherein the generating the verification value for the 
first segment includes generating the verification value based at least in part on behavior of the 
first segment during execution of the first segment(see col. 2, lines 3-26). 

26. As per claim 27, Rump discloses wherein the behavior of the first segment during 
execution includes modification of a register by one or more instructions in the first segment 
during execution(see col. 8, lines 4-37). 

27. As per claim 28, Rump discloses adding, to the first segment, the original verification 
value for the second segment; and adding another offset value to the first segment so that a 
newly calculated verification value for the first segment equals the verification value for the first 
segment(see col. 6, lines 61-67, col. 7, lines 1-13). 

28. As per claim 29, Rump discloses wherein generating the original verification value 
includes computing, based on a plurality of blocks of the second segment, a message 
authentication code(MAC) value(see col. 8, lines 46-61). 

29. As per claim 30, limitations have already been addressed(see claim 18). 

30. As per claim 31, Rump discloses generating a new verification value for the second 
segment(see col. 6, lines 26-37); encrypting the new verification value; and determining, as the 
offset value, a value equal to the exclusive-or of the encrypted new verification value and the 
original verification value(see col. 8, lines 25-37, col. 9, lines 32-58). 



28). 
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31. As per claim 32, Rump discloses wherein the offset value does not alter the functionality 
of the module(see col. 6, hnes 38-60). 

33. As per claim 33, Rump discloses wherein the offset value includes a data block(see col. 
5, lines 16-25). 

34. As per claim 34, Rump discloses wherein the object includes a software program(see col. 
3, lines 25-36, col. 4, lines 19-25). 

35. As per claim 35, Rump discloses storing a checkpoint, corresponding to the verification 
value, that identifies when the integrity of the first segment is to be verified (see col 6, lines 38- 
60, col. 8, lines 46-61). 

36. As per claim 36, Rump discloses storing the checkpoint in the second segment(see col. 8, 
lines 46-61). 

37. As per claim 38, Rump discloses a plurality of segments, each including one or more 
checkpoint values to be used to verify the integrity of one or more other segments(see col. 5, 
lines 46-62); and wherein the plurality of segments further include a plurality of checkpoints that 
identify a circular ordering of verifying the integrity of the segments(see col. 6, lines 61-67, col. 
8, lines 25-37). 

38. As per claim 39, Rump discloses wherein each of the checkpoint values is message 
authentication code value based on the one or more other segments(see col. 6, lines 38-60, col. 8, 
lines 46-61). 

39. As per claim 40, Rump discloses wherein each of the plurality of segments includes a 
checkpoint value to be used to verify the integrity of each of the other of the plurality of 
segments(see col. 6, lines 38-60, col. 8, lines 46-61). 
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40. As per claim 41, Rump discloses a memory to store an original program; and a 
production server equipped with a cyclic integrity verification protection tool that is used to 
augment the original program for protection purposes(see col. 5, lines 7-25), the production 
server being configured to parse the original program into a plurality of segments and apply 
cyclic integrity verification to the plurahty of segments(see col. 7, Hnes 18-36). 

41. As per claim 42, limitations already addressed(see claim 11). 

42. As per claim 43, Rump discloses wherein the cycHc integrity is applied to the plurality of 
segments by including a plurality of checkpoints corresponding to the incorporated checkpoint 
values(see col. 6, lines 61-67, col. 8, lines 25-37), wherein each checkpoint identifies when the 
integrity of the corresponding segment is to be verified(coL 6, lines 38-60). 

43. As per claim 44, Rirnip discloses a production server to apply cyclic integrity verification 
to a program to produce a protected; and a client to store and execute the protected program, the 
client being configured to evaluate the protected program to determine whether the protected 
program has been tampered with(see col. 5, lines 46-67, col. 6, lines 6-15). 

Conclusion 

Any inquiry concerning this communication or earlier communications fi-om the 
examiner should be directed to Jenise E Jackson whose telephone number is (703) 306-0426. 
The examiner can normally be reached on M-Th (6:00 a.m. - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Ayaz Sheikh can be reached on (703) 305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




